Posts by henfri

    Hello,


    in top, kvm seemingly uses quite a bit of CPU:

    Code
    Tasks: 452 total,   1 running, 451 sleeping,   0 stopped,   0 zombie
    %CPU(s): 11,2 us,  6,3 sy,  0,0 ni, 79,0 id,  3,4 wa,  0,0 hi,  0,1 si,  0,0 st
    MiB Spch:   7724,7 total,    268,3 free,   3215,2 used,   4241,2 buff/cache
    MiB Swap:  16384,0 total,  14101,2 free,   2282,8 used.   4423,6 avail Spch
    
        PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     ZEIT+ BEFEHL
       1609 libvirt+  20   0 5339056 571012   5504 S  32,6   7,2 977:54.85 qemu-system-x86
    1707496 henfri    20   0 2952024 159516   7040 S  10,9   2,0 356:19.73 python3

    It varies between 30 and 40%.

    If I check the CPU load in the guest, it is around 10%. This would mean a virtualization overhead of a factor of 4, which seems a bit much.


    However, if I check the performance statistics it looks better:


    What can be the reason for this inconsistency?


    Can someone tell me the source of the data in this Image?


    Greetings,

    Hendrik

    Hello,


    since my last reboot, I get many, many, many mails (>100 per day) from monit.

    The system load is constantly matched/succeeded/matched/succeeded.


    The CPU usage is below 20% though...


    Attached you find some performance statistics.

    You can clearly see the high load (already before the reboot (graceful shutdown) which is visible due to its duration of 2-3h it was quite high).


    How can I find the reason?


    Greetings,

    Hendrik

    Hello,


    the server side is works. I have tried it with a smartphone. Also, from this client, I have used wireguard - also with ipv6 before.


    Is it normal, that it says "active (exited)"?


    I have compared my old, manually created config (left) to the one generated by the plugin:



    Differences:

    • Different IP-Range
    • Different Private and Public Key
    • NEW: PresharedKey
    • No newline in the new file end
    • PersistentKeepAlive (upper vs. lower case)


    I have done this. In addition to a

    cp wgnet0.conf wg0test.conf , I have added a newline to the end of the file.

    It works now!


    Thanks!


    Greetings,

    Hendrik

    Hello,


    I am not sure, whether it was due to the change to br0 in kvm or because I now use the docker-compose. But it works now.


    Thanks!! I really appreciate your help and the work you put in OMV!


    Now the last issue, that I have is this one:



    Greetings,

    Hendrik

    Hello,


    I have setup wireguard via the OMV Plugin now.

    Previously, I had set it up manually.

    Now, I have configured all my Hosts again and they work.

    Nice interface&great plugin. Thanks!


    What is not yet working is the one Debian (in fact OMV5) client that I have.

    I displayed the config in the Servers Webinterface. Then, I copied the content into /etc/wireguard/wgnet0.conf on the host (omv5).

    Then I executed a wg-quick down wgnet0 and wg-quick up wgnet0.


    You see, "transfer" is 0 B. So, the connection is not established.

    The endpoint has been resolved correctly (the IP is correct).


    What have I done wrong?


    Best regards,

    Hendrik

    Hello,


    the output of ps aux is

    Code
    ps aux | grep dnsmasq
    dnsmasq     2071  0.0  0.0  14976  2208 ?        S    17:57   0:00 dnsmasq --conf-file=/dev/null -u dnsmasq --strict-order --bind-interfaces --pid-file=/run/l
    /dnsmasq.pid --listen-address 10.0.3.1 --dhcp-range 10.0.3.2,10.0.3.254 --dhcp-lease-max=253 --dhcp-no-override --except-interface=lo --interface=lxcbr0 --dhc
    leasefile=/var/lib/misc/dnsmasq.lxcbr0.leases --dhcp-authoritative
    root       25225  0.0  0.0   6740   644 pts/0    S+   18:10   0:00 grep --color dnsmasq


    I am using that script as I found it in some guide, back then. I do not quite remember why I did not use docker-compose (I do use it elsewhere).


    On my other topic, I now configured the VM to use a br0 set up in the main OMV-Network settings.

    After I applied the network settings, I lost access to the s erver from my laptop. It would not reply to a ping. A ping on the shell (physical access) to the server IP (192.168.177.3) worked.

    After reboot, it worked.

    It may be worth adding a remark in the guide.


    Best regards,

    Hendrik

    Thanks!


    This

    If you just change this line to the following, it would only listen on one interface.

    -p 192.168.177.3:53:53/tcp -p 192.168.177.3:53:53 -p 192.168.177.3:80:80 \

    unfortunately, does not work:

    Code
    ./docker_run.sh
    IP: 0 - IPv6: src
    55bf877fb5b2a15cbed8438e4a657bc234984aeacd0f47c28b2550168bc92c79
    docker: Error response from daemon: driver failed programming external connectivity on endpoint pihole (af4ea568bc3269a4a7ed60ebbcf8ffc2642b447f0de063c1e860e188b5118312): Bind for 192.168.177.3:53 failed: port is already allocated.
    
    netstat -tulpn |grep ":53 "
    tcp        0      0 10.0.3.1:53             0.0.0.0:*               LISTEN      2246/dnsmasq
    udp        0      0 10.0.3.1:53             0.0.0.0:*                           2246/dnsmasq

    Do you understand this?


    Greetings,

    Hendrik

    I have almost no info. How are you starting the container? docker-compose? If you aren't binding the container to a network or ip address, you are binding it to 0.0.0.0 which is all network interfaces. I don't have enough info to know what 10.0.3.1 is but the output of ip a would help.

    I am starting with this script:



    ip -a tells me:


    So, it is lxcbr0


    Quote

    Why would you purge it after I told you it wasn't causing the problem? You could try disabling all NAT networks in the kvm plugin. It shouldn't start a dnsmasq listener on that network then.

    That was before you said it.


    Quote

    A bridge network defined in the plugin or a bridge network interface defined at the OMV network level? The latter should be used and is described thoroughly in the kvm guide.

    A bridge defined in the plugin.


    The guide states, what I need to do. I am a bit worried though regarding the remark that " If you have services configured on the host with this network interface (for example, Wireguard), you will need to reconfigure them to work with the bridge"


    What except for wireguard could be affected?


    Code
    PostUp = iptables -A FORWARD -i wgnet0 -j ACCEPT; iptables -A FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s31f6 -j MASQUERADE
    PostDown = iptables -D FORWARD -i wgnet0 -j ACCEPT; iptables -D FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s31f6 -j MASQUERADE

    So, I would have to replace the enp0s31f6 by br0?


    Best regards,

    Hendrik

    This has been covered before. The plugin doesn't run dnsmasq or even install the full dnsmasq package (just dnsmasq-base). It will spin up a dnsmasq instance that listens only on the virtual network. It is used to assign IPs to NAT VMs. This should only be a problem if you are telling pihole to listen on every network. There are plenty of ways to avoid that.

    Thanks for your reply - and sorry for the delay in mine.

    I do not tell pihole to listen on every interface. In fact, I try to run it in a docker container.

    I have no Idea what else could start dnsmasq.


    10.0.3.1 is not the IP of my host though....


    Let me know, if I should start a new thread on this. I tried to purge dnsmasq, but that would have purged omv-kvm as well.


    On a different matter:

    I am using a bridge network. For some reason, I can access from the host (or other machines) to the VM, but I cannot access from the VM to the host (not even a ping to the host IP gets a response).


    What could be the reason?


    Best regards,

    Hendrik

    Hello,


    Code
    policykit-1:
      Installiert:           (keine)
      Installationskandidat: 0.105-31+deb11u1
      Versionstabelle:
         0.105-31+deb11u1 500
            500 http://ftp.halifax.rwth-aachen.de/debian bullseye/main amd64 Packages
            500 http://security.debian.org/debian-security bullseye-security/main amd64 Packages
            100 /var/lib/dpkg/status

    Best regards,

    Hendrik

    I will stick around to figure out the exact fix :)


    Here we go:


    Best regards,

    Hendrik

    Ah, sorry. That ist Not the Problem.

    I find it in the Webinterface.

    But when installing, an Error appears and disappears immediately.

    Thus I do it via Shell. This gives me above Error.

    Hello,


    I fail installing the KVM Plugin (I think this is the recommended way for virtualization in OMV6, right?).

    On the webinterface, the Error-Message disappears to quickly.

    On the commandline, I get:

    What am I doing wrong?


    I did an apt-get dist-upbrade before, which worked.


    Best regards,

    HEndrik